View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Software
July 6, 2009

Bounce-back spam on the rise: McAfee

UK targeted with bizarre spam subjects

By Steve Evans

New research by security firm McAfee has found that spammers are trapping users across Europe by using messages disguised as legitimate reply emails containing “out of office” or “undeliverable” in the subject.

The research looked at the impact spam is having on international commerce and the reaction to it. One impact of spam is to block an IP address based entirely on geolocation or by blocking access to emails containing foreign languages, the report said.

“Actions such as these generally stem from foreign-language spams reaching executive decision makers who then demand an administrator respond to specific language-based criteria,” the report said. “These sorts of policy decisions are unlikely to be regularly reviewed, and represent a digital bias against certain languages or countries that could affect legitimate communications.”

The report turned up some interesting finding about the tactics used by spammers to target UK businesses.

Bounce-back emails, those containing ‘failure notice’, ‘undeliverable’ and other similar messages, were very popular with addresses ending in .com, filling four of the top ten spam subjects. Half of the top ten spam messages sent to .org addresses contained bounce-back subjects, including four of the top five.

In the UK however the domain contained no bounce-back emails in the top 15. Spam email subjects here tended to be much more bizarre, with headings such as “Salute, man!”, “I’m locked in room”, “Your house switched off” and “What’s with bar?” registering.

“Given that United Kingdom spam is also in English, we might assume that techniques that work in the U.S. country code would also work in .uk. However, that’s not the case, so we imagine that U.K. email addresses have been left out of the forged From addresses through some conscious action by spammers,” said the report.

Content from our partners
Unlocking growth through hybrid cloud: 5 key takeaways
How businesses can safeguard themselves on the cyber frontline
How hackers’ tactics are evolving in an increasingly complex landscape

“We don’t really know whether someone chose one country code over another,” the report continued. “Perhaps an algorithm merely appended .com or .org to the end of a randomly generated string, but the practice stands in stark contrast to spam behaviour in the .us world.”

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.